Friday, October 23, 2009

China Expands Cyberspying in U.S., Report Says

The Chinese government is ratcheting up its cyberspying operations against the U.S., a congressional advisory panel found, citing an example of a carefully orchestrated campaign against one U.S. company that appears to have been sponsored by Beijing.

The unnamed company was just one of several successfully penetrated by a campaign of cyberespionage, according to the U.S.-China Economic and Security Review Commission report to be released Thursday. Chinese espionage operations are "straining the U.S. capacity to respond," the report concludes.

The bipartisan commission, formed by Congress in 2000 to investigate the security implications of growing trade with China, is made up largely of former U.S. government officials in the national security field.

The commission contracted analysts at defense giant Northrop Grumman Corp. to write the report. The analysts wouldn't name the company described in the case study, describing it only as "a firm involved in high-technology development."

The report didn't provide a damage assessment and didn't say specifically who was behind the attack against the U.S. company. But it said the company's internal analysis indicated the attack originated in or came through China.

The report concluded the attack was likely supported, if not orchestrated, by the Chinese government, because of the "professional quality" of the operation and the technical nature of the stolen information, which is not easily sold by rival companies or criminal groups. The operation also targeted specific data and processed "extremely large volumes" of stolen information, the report said.

In the 8 years that the US-China Economic and Security Review Commission has been reporting on the state of the Chinese military, this is by far the best report that it has ever issued in the area of Information Warfare (aka Cyber Warfare). Kudos to Northrup Grumman who won the contract to write this special report, and to Steve DeWeese (Project Manager), Bryan Krekel (principal author), George Bakos and Christopher Barnett (Subject Matter Experts). My only objection is that the team didn’t pursue the relationship between the PRC and the Chinese hacker community far enough. Other than that, this is really outstanding work. It will certainly be required reading for our upcoming Cyber Threat Analysis online graduate course at Mercyhurst College Institute of Intelligence Studies.